General

  • Target

    vpn-4games.exe

  • Size

    301.6MB

  • Sample

    230201-alcjsada2x

  • MD5

    5b6e6c7331b416f40021216d22a86ea0

  • SHA1

    f0c8a85bb115669c702e042b5e62901133bbfb22

  • SHA256

    373b8a34d4dc77de66e36f69cbf2cd2e232b78606092961bc59bfd6a70fbf565

  • SHA512

    a955d0f75f8b2cd15b498638afa13ca89f79527efc7c4e00d3c3836f85654d2dc158d4bcb8dea18c7cfcd8ee1d0c14789c196ce926eb4eeb76d52e8c9f2ecfdb

  • SSDEEP

    49152:BUTP8vbgQonc/eJaG+dUC94pn9z9EKU+gK5I:BUbagVc/eJWUC9k9aFOI

Score
8/10

Targets

    • Target

      vpn-4games.exe

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Drops startup file
